But Red Team has Sarge! And Donut! … although Blue does have Caboose.
Ya gotta love Sarge… “chupathingy”
Howwww I wish that Griff was deeeeead
Put a bullet in his heeeaaad
And, of course,
“It’s not pink, it’s lightish red!”
Incident Response particularly is 15% knowing the processes, 50% knowing the systems, and 35% knowing what bad people do (hand waving over the percentages, but you get the idea). If you’re an experienced admin then you’ve got half of that better than anybody who’s not got that background, and the process piece is trivial. Oh, and because you know what the systems should look like, spotting the bad people even when you don’t know what they do is easier…
There’s a huge range of options in cyber these days though, from the traditional policy and process piece (thankfully tempered by reality), through education and awareness (from the traditional end user piece, up to board level), ethical hacking, legal, system review/design… and on and on and on.
That extra nanosecond will get you dreked in no time slag.
Put the same article out on G+ - and there’s people who are overjoyed at this kind of thing.
Seems their idea of security is not the same as ours.